The invention relates to preventing unauthorized access to RFID (Radio Frequency Identification) documents such as passports, and more particularly to circuitry incorporated in passports and other confidential documents to prevent unauthorized RFID access to them unless certain conditions are met.
The term RFID refers to the wireless use of radio-frequency electromagnetic fields to transfer data to automatically identify or track RFID “tags” or electronic labels on various objects. The RFID tags contain electronically stored information and may be powered up and read or interrogated at short distances by electromagnetic fields. Unlike a barcode, an RFID tag does not need to be within line of sight of an RFID reader, and may be embedded within an object to be accessed and interrogated. RFID typically uses an electronic chip which is affixed to the object to be accessed and typically contains identification information and other information which may be read, recorded, or rewritten. An RFID reader can provide the surge of power needed to “wake up” the access control circuitry in the electronic chip, read the passport data, and then go back to a “sleep state” or an “off state”. An RFID system uses RFID tags attached to or embedded within objects to be accessed/identified. RFID readers include transmitter-receivers, i.e., transceivers, for transmitting a signal to the tag and receiving and reading a response of the RFID chip. To start operation of a “passive” RFID chip, it must be powered by the signal transmitted by an RFID reader, wherein that transmitted signal has a power level roughly three times stronger than would be required only for RFID tag identification.
Unfortunately, unauthorized access to typical RFID-based documents can be accomplished by means of any nearby RFID reader that is sufficiently close that its transmitted signal can “wake up” the RFID chip or tag of the document and thereby access data stored in it. Due to the nature of RFID reading, any accessing of the RFID chip requiring less than a half second can be transparent to the document user. A typical RFID tag requires 30-50 μW (microwatts) to operate.
An RFID chip typically includes an antenna, a circuit for producing DC power from the RF signals transmitted by the RFID reader in order to power up the RFID chip, a transceiver for modulating and demodulating the RF signal, and integrated circuitry for storing and processing digital information. The tag information is stored in a non-volatile memory. The RFID tag may also include identification data storage circuitry. In operation, the RFID reader transmits an encoded RF signal to the RFID chip to interrogate it. The RFID chip receives and decodes the RF signal and then responds by transmitting stored identification information and possibly other information back to the RFID reader.
RFID tags included in recent US passports typically store the same information that is printed within the passport and also store a digital picture of the passport owner. Unfortunately, the stored information is vulnerable to unauthorized “skimming” or eavesdropping of the RFID tag. In order to make it more difficult for nearby unauthorized RFID readers to “skim” information in a RFID passport tag while the passport is closed, a thin metal lining or shield has been included in or around the passports. However, this approach has been unsatisfactory in some cases because of its costs and also because of various user compliance problems. For example, some people either lose the passports or forget to replace the shields on the passports after removing them to allow them to be accessed by a RFID reader. In some cases the shields are so thin that they tear easily, and sometimes people simply fail to use them. Another method of preventing unauthorized reading of RFID tags in secure documents is by use of cryptography, which typically is complex and costly. Complex biometric passports (also known as digital passports) use contactless smart card technology including a microprocessor and antenna embedded in the cover or a center page of the passport, but these are costly and also unsatisfactory in some cases. If cryptography is utilized in every RFID-based passport or document, the cryptography needs to be complex and the associated calculations require a large amount of relatively expensive computing power.
Thus, there is an unmet need for a convenient and inexpensive way to prevent unauthorized access to a RFID-based document or a passport by anyone who has a RFID reader that is sufficiently close to the document or passport to effectively scan its RFID code.
There also is an unmet need for a convenient and inexpensive way to provide restricted access to a passport with RFID by anyone who has a RFID reader that is sufficiently close to the passport to scan its RFID code.